SB20240711190 - SUSE update for the Linux Kernel
Published: July 11, 2024 Updated: March 14, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 427 secuirty vulnerabilities.
1) Improper locking (CVE-ID: CVE-2023-0160)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
2) Use-after-free (CVE-ID: CVE-2023-47233)
The vulnerability allows an attacker to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcm80211 in a brcmf_cfg80211_detach in the device unplugging (disconnect the USB by hotplug) code. An attacker with physical access to device can trigger a use-after-free error and escalate privileges on the system.
3) Buffer overflow (CVE-ID: CVE-2023-52434)
The vulnerability allows a remote user to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error within the smb2_parse_contexts() function when parsing SMB packets. A remote user can send specially crafted SMB traffic to the affected system, trigger memory corruption and execute arbitrary code.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
4) NULL pointer dereference (CVE-ID: CVE-2023-52458)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the blkpg_do_ioctl() function in block/ioctl.c. A local user can perform a denial of service (DoS) attack.
5) NULL pointer dereference (CVE-ID: CVE-2023-52463)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the efivarfs_get_tree() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
6) NULL pointer dereference (CVE-ID: CVE-2023-52472)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rsa_check_exponent_fips() function in crypto/rsa.c. A local user can perform a denial of service (DoS) attack.
7) Use-after-free (CVE-ID: CVE-2023-52483)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mctp_route_lookup() function in net/mctp/route.c. A local user can escalate privileges on the system.
8) NULL pointer dereference (CVE-ID: CVE-2023-52492)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the EXPORT_SYMBOL_GPL() function in drivers/dma/dmaengine.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2023-52503)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the destroy_session(), amdtee_open_session() and amdtee_close_session() functions in drivers/tee/amdtee/core.c. A local user can escalate privileges on the system.
10) Improper locking (CVE-ID: CVE-2023-52591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the reiserfs_rename() function in fs/reiserfs/namei.c. A local user can perform a denial of service (DoS) attack.
11) Resource management error (CVE-ID: CVE-2023-52608)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the shmem_poll_done() function in drivers/firmware/arm_scmi/shmem.c, within the rx_callback() function in drivers/firmware/arm_scmi/mailbox.c. A local user can perform a denial of service (DoS) attack.
12) Improper Initialization (CVE-ID: CVE-2023-52616)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the mpi_ec_init() function in lib/mpi/ec.c. A local user can perform a denial of service (DoS) attack.
13) Buffer overflow (CVE-ID: CVE-2023-52618)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the rnbd_srv_get_full_path() function in drivers/block/rnbd/rnbd-srv.c. A local user can perform a denial of service (DoS) attack.
14) NULL pointer dereference (CVE-ID: CVE-2023-52631)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the fs/ntfs3/ntfs_fs.h. A local user can perform a denial of service (DoS) attack.
15) Improper locking (CVE-ID: CVE-2023-52635)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the devfreq_monitor(), devfreq_monitor_start() and devfreq_monitor_stop() functions in drivers/devfreq/devfreq.c. A local user can perform a denial of service (DoS) attack.
16) Out-of-bounds read (CVE-ID: CVE-2023-52640)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ntfs_list_ea() function in fs/ntfs3/xattr.c. A local user can perform a denial of service (DoS) attack.
17) NULL pointer dereference (CVE-ID: CVE-2023-52641)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ni_find_attr() and run_truncate_around() functions in fs/ntfs3/attrib.c. A local user can perform a denial of service (DoS) attack.
18) Race condition (CVE-ID: CVE-2023-52645)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the scpsys_add_subdomain() and scpsys_remove_one_domain() functions in drivers/soc/mediatek/mtk-pm-domains.c. A local user can perform a denial of service (DoS) attack.
19) Information disclosure (CVE-ID: CVE-2023-52652)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pci_vntb_probe() function in drivers/pci/endpoint/functions/pci-epf-vntb.c, within the EXPORT_SYMBOL() and ntb_register_device() functions in drivers/ntb/core.c. A local user can gain access to sensitive information.
20) Memory leak (CVE-ID: CVE-2023-52653)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gss_import_v2_context() function in net/sunrpc/auth_gss/gss_krb5_mech.c. A local user can perform a denial of service (DoS) attack.
21) Resource management error (CVE-ID: CVE-2023-52654)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the scm_fp_copy() function in net/core/scm.c, within the io_finish_async() and io_sqe_files_register() functions in fs/io_uring.c. A local user can perform a denial of service (DoS) attack.
22) Buffer overflow (CVE-ID: CVE-2023-52655)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the aqc111_rx_fixup() function in drivers/net/usb/aqc111.c. A local user can perform a denial of service (DoS) attack.
23) Improper error handling (CVE-ID: CVE-2023-52657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the si_dpm_enable() and si_dpm_process_interrupt() functions in drivers/gpu/drm/amd/pm/legacy-dpm/si_dpm.c. A local user can perform a denial of service (DoS) attack.
24) Input validation error (CVE-ID: CVE-2023-52658)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the esw_inline_mode_to_devlink() and mlx5_devlink_eswitch_mode_set() functions in drivers/net/ethernet/mellanox/mlx5/core/eswitch_offloads.c. A local user can perform a denial of service (DoS) attack.
25) Input validation error (CVE-ID: CVE-2023-52659)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arch/x86/include/asm/page.h. A local user can perform a denial of service (DoS) attack.
26) Improper error handling (CVE-ID: CVE-2023-52660)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the rkisp1_isp_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c, within the rkisp1_runtime_suspend() and rkisp1_runtime_resume() functions in drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c, within the rkisp1_csi_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c, within the rkisp1_capture_isr() function in drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c. A local user can perform a denial of service (DoS) attack.
27) Improper error handling (CVE-ID: CVE-2023-52661)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the tegra_dc_rgb_probe() function in drivers/gpu/drm/tegra/rgb.c. A local user can perform a denial of service (DoS) attack.
28) Memory leak (CVE-ID: CVE-2023-52662)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the vmw_gmrid_man_get_node() function in drivers/gpu/drm/vmwgfx/vmwgfx_gmrid_manager.c. A local user can perform a denial of service (DoS) attack.
29) Memory leak (CVE-ID: CVE-2023-52663)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amd_sof_acp_probe() function in sound/soc/sof/amd/acp.c. A local user can perform a denial of service (DoS) attack.
30) Double free (CVE-ID: CVE-2023-52664)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the aq_vec_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_vec.c, within the aq_get_rxpages(), aq_ring_alloc(), aq_ring_rx_alloc() and aq_ring_hwts_rx_alloc() functions in drivers/net/ethernet/aquantia/atlantic/aq_ring.c, within the aq_ptp_ring_alloc() function in drivers/net/ethernet/aquantia/atlantic/aq_ptp.c. A local user can perform a denial of service (DoS) attack.
31) Double free (CVE-ID: CVE-2023-52667)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the fs_any_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en/fs_tt_redirect.c. A local user can perform a denial of service (DoS) attack.
32) Out-of-bounds read (CVE-ID: CVE-2023-52669)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ctr_paes_crypt() function in arch/s390/crypto/paes_s390.c, within the ctr_aes_crypt() function in arch/s390/crypto/aes_s390.c. A local user can perform a denial of service (DoS) attack.
33) Memory leak (CVE-ID: CVE-2023-52670)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the virtio_rpmsg_release_device() function in drivers/rpmsg/virtio_rpmsg_bus.c. A local user can perform a denial of service (DoS) attack.
34) Integer underflow (CVE-ID: CVE-2023-52671)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the optc32_disable_crtc() function in drivers/gpu/drm/amd/display/dc/dcn32/dcn32_optc.c. A local user can execute arbitrary code.
35) NULL pointer dereference (CVE-ID: CVE-2023-52673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the capabilities_show() function in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c. A local user can perform a denial of service (DoS) attack.
36) Out-of-bounds read (CVE-ID: CVE-2023-52674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the scarlett2_mixer_ctl_put() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
37) NULL pointer dereference (CVE-ID: CVE-2023-52675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the update_events_in_group() function in arch/powerpc/perf/imc-pmu.c. A local user can perform a denial of service (DoS) attack.
38) Integer overflow (CVE-ID: CVE-2023-52676)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the check_ptr_to_map_access() and check_stack_access_within_bounds() functions in kernel/bpf/verifier.c. A local user can execute arbitrary code.
39) Improper error handling (CVE-ID: CVE-2023-52678)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the kfd_create_indirect_link_prop() and kfd_add_peer_prop() functions in drivers/gpu/drm/amd/amdkfd/kfd_topology.c. A local user can perform a denial of service (DoS) attack.
40) Double free (CVE-ID: CVE-2023-52679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the of_unittest_parse_phandle_with_args() and of_unittest_parse_phandle_with_args_map() functions in drivers/of/unittest.c, within the of_parse_phandle_with_args_map() function in drivers/of/base.c. A local user can perform a denial of service (DoS) attack.
41) Improper error handling (CVE-ID: CVE-2023-52680)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_sync_ctl_get(), scarlett2_master_volume_ctl_get(), scarlett2_volume_ctl_get(), scarlett2_mute_ctl_get(), scarlett2_level_enum_ctl_get(), scarlett2_pad_ctl_get(), scarlett2_air_ctl_get(), scarlett2_phantom_ctl_get(), scarlett2_direct_monitor_ctl_get(), scarlett2_speaker_switch_enum_ctl_get(), scarlett2_talkback_enum_ctl_get(), scarlett2_dim_mute_ctl_get() and scarlett2_mux_src_enum_ctl_get() functions in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
42) Improper locking (CVE-ID: CVE-2023-52681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the efivarfs_init_fs_context() function in fs/efivarfs/super.c. A local user can perform a denial of service (DoS) attack.
43) Integer overflow (CVE-ID: CVE-2023-52683)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the lpit_update_residency() function in drivers/acpi/acpi_lpit.c. A local user can execute arbitrary code.
44) Buffer overflow (CVE-ID: CVE-2023-52685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the persistent_ram_init_ecc() function in fs/pstore/ram_core.c. A local user can escalate privileges on the system.
45) NULL pointer dereference (CVE-ID: CVE-2023-52686)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_event_init() function in arch/powerpc/platforms/powernv/opal-irqchip.c. A local user can perform a denial of service (DoS) attack.
46) Improper error handling (CVE-ID: CVE-2023-52687)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the safexcel_send_req() function in drivers/crypto/inside-secure/safexcel_cipher.c. A local user can perform a denial of service (DoS) attack.
47) Memory leak (CVE-ID: CVE-2023-52690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the scom_debug_init_one() function in arch/powerpc/platforms/powernv/opal-xscom.c. A local user can perform a denial of service (DoS) attack.
48) Double free (CVE-ID: CVE-2023-52691)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the si_dpm_init() function in drivers/gpu/drm/amd/amdgpu/si_dpm.c. A local user can perform a denial of service (DoS) attack.
49) Improper error handling (CVE-ID: CVE-2023-52692)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the scarlett2_usb_set_config() function in sound/usb/mixer_scarlett_gen2.c. A local user can perform a denial of service (DoS) attack.
50) Use of uninitialized resource (CVE-ID: CVE-2023-52693)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the acpi_video_dev_register_backlight() function in drivers/acpi/acpi_video.c. A local user can perform a denial of service (DoS) attack.
51) Resource management error (CVE-ID: CVE-2023-52694)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the tpd12s015_probe() function in drivers/gpu/drm/bridge/ti-tpd12s015.c. A local user can perform a denial of service (DoS) attack.
52) NULL pointer dereference (CVE-ID: CVE-2023-52695)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the create_validate_stream_for_sink() and dm_update_crtc_state() functions in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm.c. A local user can perform a denial of service (DoS) attack.
53) NULL pointer dereference (CVE-ID: CVE-2023-52696)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the opal_powercap_init() function in arch/powerpc/platforms/powernv/opal-powercap.c. A local user can perform a denial of service (DoS) attack.
54) Input validation error (CVE-ID: CVE-2023-52697)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sof_sdw_rt_sdca_jack_exit() function in sound/soc/intel/boards/sof_sdw_rt_sdca_jack_common.c. A local user can perform a denial of service (DoS) attack.
55) Memory leak (CVE-ID: CVE-2023-52698)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the netlbl_calipso_ops_register(), netlbl_calipso_add_pass() and netlbl_calipso_genl_init() functions in net/netlabel/netlabel_calipso.c. A local user can perform a denial of service (DoS) attack.
56) Use-after-free (CVE-ID: CVE-2023-52771)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the grandparent() function in drivers/cxl/core/port.c. A local user can escalate privileges on the system.
57) Use-after-free (CVE-ID: CVE-2023-52772)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the unix_stream_recv_urg() function in net/unix/af_unix.c. A local user can escalate privileges on the system.
58) NULL pointer dereference (CVE-ID: CVE-2023-52860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hns3_pmu_init_pmu() and hns3_pmu_uninit_pmu() functions in drivers/perf/hisilicon/hns3_pmu.c. A local user can perform a denial of service (DoS) attack.
59) Input validation error (CVE-ID: CVE-2023-52882)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.
60) Buffer overflow (CVE-ID: CVE-2023-6238)
The vulnerability allows a local privileged user to execute arbitrary code.
A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.
61) Use-after-free (CVE-ID: CVE-2023-6270)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the aoecmd_cfg_pkts() function in the ATA over Ethernet (AoE) driver. A local user can trigger a use-after-free error and escalate privileges on the system.
62) Race condition (CVE-ID: CVE-2023-6531)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition when the unix garbage collector's deletion of a SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. A local user can exploit the race and escalate privileges on the system.
63) NULL pointer dereference (CVE-ID: CVE-2023-7042)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() function in drivers/net/wireless/ath/ath10k/wmi-tlv.c. A local user can pass specially crafted data to the driver and perform a denial of service (DoS) attack.
64) Improper locking (CVE-ID: CVE-2024-0639)
The vulnerability allows a local user to perform a denial of service attack.
The vulnerability exists due to improper locking within the sctp_auto_asconf_init() function in net/sctp/socket.c. A local user can crash the kernel.
65) Deserialization of Untrusted Data (CVE-ID: CVE-2024-21823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insecure deserialization in hardware logic. A local user can perform a denial of service (DoS) attack.
66) NULL pointer dereference (CVE-ID: CVE-2024-22099)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the rfcomm_check_security() function in /net/bluetooth/rfcomm/core.c. A local user can pass specially crafted data to the application and perform a denial of service (DoS) attack.
67) Use-after-free (CVE-ID: CVE-2024-23848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. A local user can perform a denial of service (DoS) attack.
68) Race condition (CVE-ID: CVE-2024-24861)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the xc4000 xc4000_get_frequency() function in the media/xc4000 device driver. A local user can exploit the race and escalate privileges on the system.
69) Improper check for unusual or exceptional conditions (CVE-ID: CVE-2024-25739)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper check for unusual or exceptional conditions error within the ubi_read_volume_table() function in drivers/mtd/ubi/vtbl.c. A local user can perform a denial of service (DoS) attack.
70) Improper locking (CVE-ID: CVE-2024-26601)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_generate_buddy() and mb_free_blocks() functions in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
71) NULL pointer dereference (CVE-ID: CVE-2024-26611)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_sk_base_func_proto(), bpf_xdp_frags_increase_tail() and bpf_xdp_frags_shrink_tail() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.
72) Resource management error (CVE-ID: CVE-2024-26614)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the reqsk_queue_alloc() function in net/core/request_sock.c. A remote attacker can send specially crafted ACK packets to the system and perform a denial of service (DoS) attack.
73) NULL pointer dereference (CVE-ID: CVE-2024-26632)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the include/linux/bio.h. A local user can perform a denial of service (DoS) attack.
74) Use of uninitialized resource (CVE-ID: CVE-2024-26638)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __sock_xmit() function in drivers/block/nbd.c. A local user can perform a denial of service (DoS) attack.
75) Improper access control (CVE-ID: CVE-2024-26642)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper access restrictions within the nf_tables_newset() function in net/netfilter/nf_tables_api.c. A local user can set arbitrary timeouts, which can result in a denial of service condition.
76) Race condition (CVE-ID: CVE-2024-26643)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nf_tables_unbind_set() function in net/netfilter/nf_tables_api.c. A local user can exploit the race and escalate privileges on the system.
77) Double free (CVE-ID: CVE-2024-26652)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pdsc_auxbus_dev_register() function in drivers/net/ethernet/amd/pds_core/auxbus.c. A local user can perform a denial of service (DoS) attack.
78) Race condition (CVE-ID: CVE-2024-26654)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition in sound/sh/aica.c. A local user can exploit the race and escalate privileges on the system.
79) Use-after-free (CVE-ID: CVE-2024-26656)
The vulnerability allows a local user to crash the kernel.
The vulnerability exists due to a use-after-free error in drivers/gpu/drm/amd/amdgpu/amdgpu_hmm.c. A local user can send a single amdgpu_gem_userptr_ioctl
to the AMDGPU DRM driver on any ASICs with an invalid address and size and perform a denial of service (DoS) attack.
80) NULL pointer dereference (CVE-ID: CVE-2024-26657)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error in drivers/gpu/drm/scheduler/sched_entity.c. A local user can send an amdgpu_cs_wait_ioctl to the AMDGPU DRM driver on any ASICs with valid context and perform a denial of service (DoS) attack.
81) Buffer overflow (CVE-ID: CVE-2024-26671)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_mq_mark_tag_wait() function in block/blk-mq.c. A local user can perform a denial of service (DoS) attack.
82) Input validation error (CVE-ID: CVE-2024-26673)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the nft_ct_expect_obj_init() function in net/netfilter/nft_ct.c. A local user can perform a denial of service (DoS) attack.
83) Improper error handling (CVE-ID: CVE-2024-26674)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the SYM_CODE_START_LOCAL() function in arch/x86/lib/putuser.S, within the SYM_CODE_END() function in arch/x86/lib/getuser.S. A local user can perform a denial of service (DoS) attack.
84) Input validation error (CVE-ID: CVE-2024-26675)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ppp_async_ioctl() function in drivers/net/ppp/ppp_async.c. A local user can perform a denial of service (DoS) attack.
85) Improper locking (CVE-ID: CVE-2024-26679)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the EXPORT_SYMBOL() function in net/ipv4/af_inet.c. A local user can perform a denial of service (DoS) attack.
86) Improper error handling (CVE-ID: CVE-2024-26684)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the dwxgmac3_handle_dma_err(), dwxgmac3_safety_feat_config(), dwxgmac3_safety_feat_irq_status() and dwxgmac3_safety_feat_dump() functions in drivers/net/ethernet/stmicro/stmmac/dwxgmac2_core.c. A local user can perform a denial of service (DoS) attack.
87) Race condition (CVE-ID: CVE-2024-26685)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nilfs_segctor_prepare_write(), nilfs_abort_logs() and nilfs_segctor_complete_write() functions in fs/nilfs2/segment.c. A local user can escalate privileges on the system.
88) Resource management error (CVE-ID: CVE-2024-26692)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to improper management of internal resources within the smb3_fs_context_parse_param() function in fs/smb/client/fs_context.c, within the cifs_mount_get_tcon() function in fs/smb/client/connect.c. A local user can corrupt data.
89) Improper locking (CVE-ID: CVE-2024-26696)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nilfs_page_mkwrite() function in fs/nilfs2/file.c. A local user can perform a denial of service (DoS) attack.
90) Information disclosure (CVE-ID: CVE-2024-26697)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the nilfs_prepare_segment_for_recovery(), nilfs_recovery_copy_block() and nilfs_recover_dsync_blocks() functions in fs/nilfs2/recovery.c. A local user can gain access to sensitive information.
91) Double free (CVE-ID: CVE-2024-26704)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the ext4_move_extents() function in fs/ext4/move_extent.c. A local user can perform a denial of service (DoS) attack.
92) Input validation error (CVE-ID: CVE-2024-26714)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/interconnect/qcom/sc8180x.c. A local user can perform a denial of service (DoS) attack.
93) Improper locking (CVE-ID: CVE-2024-26726)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clear_extent_uptodate() function in fs/btrfs/inode.c. A local user can perform a denial of service (DoS) attack.
94) NULL pointer dereference (CVE-ID: CVE-2024-26731)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sk_psock_verdict_data_ready() function in net/core/skmsg.c. A local user can perform a denial of service (DoS) attack.
95) Buffer overflow (CVE-ID: CVE-2024-26733)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the arp_req_get() function in net/ipv4/arp.c. A local user can escalate privileges on the system.
96) Buffer overflow (CVE-ID: CVE-2024-26736)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the afs_update_volume_status() function in fs/afs/volume.c. A local user can escalate privileges on the system.
97) Race condition (CVE-ID: CVE-2024-26737)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition between the bpf_timer_cancel_and_free and bpf_timer_cancel calls in kernel/bpf/helpers.c. A local user can exploit the race and escalate privileges on the system.
98) Use-after-free (CVE-ID: CVE-2024-26739)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcf_mirred_to_dev() function in net/sched/act_mirred.c. A local user can escalate privileges on the system.
99) Improper locking (CVE-ID: CVE-2024-26740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mirred_egress_to_ingress_tcp_test() function in tools/testing/selftests/net/forwarding/tc_actions.sh, within the is_mirred_nested() and tcf_mirred_to_dev() functions in net/sched/act_mirred.c. A local user can perform a denial of service (DoS) attack.
100) Resource management error (CVE-ID: CVE-2024-26742)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the pqi_map_queues() function in drivers/scsi/smartpqi/smartpqi_init.c. A local user can perform a denial of service (DoS) attack.
101) Resource management error (CVE-ID: CVE-2024-26756)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the raid5_run() and raid5_start_reshape() functions in drivers/md/raid5.c, within the raid10_run() and clear_bit() functions in drivers/md/raid10.c, within the md_start_sync() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
102) Resource management error (CVE-ID: CVE-2024-26757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sysfs_notify_dirent_safe() and md_check_recovery() functions in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
103) NULL pointer dereference (CVE-ID: CVE-2024-26760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drivers/target/target_core_pscsi.c. A local user can perform a denial of service (DoS) attack.
104) Resource management error (CVE-ID: CVE-2024-26761)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the __cxl_hdm_decode_init() function in drivers/cxl/core/pci.c. A local user can perform a denial of service (DoS) attack.
105) Resource management error (CVE-ID: CVE-2024-26764)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kiocb_set_cancel_fn() and aio_prep_rw() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
106) Improper locking (CVE-ID: CVE-2024-26769)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvmet_fc_tgt_a_get(), __nvmet_fc_finish_ls_req() and nvmet_fc_register_targetport() functions in drivers/nvme/target/fc.c. A local user can perform a denial of service (DoS) attack.
107) Improper locking (CVE-ID: CVE-2024-26772)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_find_by_goal() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
108) Improper locking (CVE-ID: CVE-2024-26773)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_mb_try_best_found() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
109) Division by zero (CVE-ID: CVE-2024-26774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the mb_update_avg_fragment_size() function in fs/ext4/mballoc.c. A local user can perform a denial of service (DoS) attack.
110) Improper locking (CVE-ID: CVE-2024-26775)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the aoeblk_gdalloc() function in drivers/block/aoe/aoeblk.c. A local user can perform a denial of service (DoS) attack.
111) Race condition (CVE-ID: CVE-2024-26779)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the ieee80211_check_fast_xmit() function in net/mac80211/tx.c, within the sta_info_insert_finish() function in net/mac80211/sta_info.c. A local user can escalate privileges on the system.
112) Resource management error (CVE-ID: CVE-2024-26783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the numamigrate_isolate_page() function in mm/migrate.c. A local user can perform a denial of service (DoS) attack.
113) Improper resource shutdown or release (CVE-ID: CVE-2024-26786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the iopt_add_access() function in drivers/iommu/iommufd/io_pagetable.c. A local user can perform a denial of service (DoS) attack.
114) Out-of-bounds read (CVE-ID: CVE-2024-26791)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the btrfs_check_replace_dev_names() and btrfs_dev_replace_by_ioctl() functions in fs/btrfs/dev-replace.c. A local user can perform a denial of service (DoS) attack.
115) Use-after-free (CVE-ID: CVE-2024-26793)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_init() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
116) Improper locking (CVE-ID: CVE-2024-26794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the emit_fiemap_extent() function in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
117) NULL pointer dereference (CVE-ID: CVE-2024-26802)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the stmmac_fpe_stop_wq() function in drivers/net/ethernet/stmicro/stmmac/stmmac_main.c. A local user can perform a denial of service (DoS) attack.
118) Use of uninitialized resource (CVE-ID: CVE-2024-26805)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the netlink_group_mask() function in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
119) Buffer overflow (CVE-ID: CVE-2024-26807)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the cqspi_remove(), cqspi_suspend() and cqspi_resume() functions in drivers/spi/spi-cadence-quadspi.c. A local user can escalate privileges on the system.
120) Out-of-bounds read (CVE-ID: CVE-2024-26815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the NLA_POLICY_MAX() function in net/sched/sch_taprio.c. A local user can perform a denial of service (DoS) attack.
121) Memory leak (CVE-ID: CVE-2024-26816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the print_absolute_relocs() function in arch/x86/tools/relocs.c. A local user can perform a denial of service (DoS) attack.
122) Resource management error (CVE-ID: CVE-2024-26822)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to improper management of internal resources within the automount_fullpath() and cifs_do_automount() functions in fs/smb/client/namespace.c. A local user can force the SMB client to reuse its parent mount uid, gid and cruid and gain unauthorized access to information.
123) Integer underflow (CVE-ID: CVE-2024-26828)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the parse_server_interfaces() function in fs/smb/client/smb2ops.c. A local user can execute arbitrary code.
124) Race condition (CVE-ID: CVE-2024-26832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
125) Resource management error (CVE-ID: CVE-2024-26836)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the current_value_store() function in drivers/platform/x86/think-lmi.c. A local user can perform a denial of service (DoS) attack.
126) Memory leak (CVE-ID: CVE-2024-26844)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bio_copy_user_iov() function in block/blk-map.c. A local user can perform a denial of service (DoS) attack.
127) Double free (CVE-ID: CVE-2024-26846)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the LIST_HEAD(), nvme_fc_free_lport(), nvme_fc_init_module(), device_destroy() and nvme_fc_delete_controllers() functions in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
128) Improper locking (CVE-ID: CVE-2024-26848)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the afs_dir_iterate_block() function in fs/afs/dir.c. A local user can perform a denial of service (DoS) attack.
129) Buffer overflow (CVE-ID: CVE-2024-26853)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the igc_xdp_xmit() function in drivers/net/ethernet/intel/igc/igc_main.c. A local user can escalate privileges on the system.
130) Improper locking (CVE-ID: CVE-2024-26854)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ice_dpll_init() function in drivers/net/ethernet/intel/ice/ice_dpll.c. A local user can perform a denial of service (DoS) attack.
131) NULL pointer dereference (CVE-ID: CVE-2024-26855)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_bridge_setlink() function in drivers/net/ethernet/intel/ice/ice_main.c. A local user can perform a denial of service (DoS) attack.
132) Use-after-free (CVE-ID: CVE-2024-26856)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the sparx5_del_mact_entry() function in drivers/net/ethernet/microchip/sparx5/sparx5_mactable.c. A local user can escalate privileges on the system.
133) Use of uninitialized resource (CVE-ID: CVE-2024-26857)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_rx() function in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
134) NULL pointer dereference (CVE-ID: CVE-2024-26858)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlx5e_txwqe_complete() function in drivers/net/ethernet/mellanox/mlx5/core/en_tx.c. A local user can perform a denial of service (DoS) attack.
135) Memory leak (CVE-ID: CVE-2024-26860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the dm_integrity_rw_tag() function in drivers/md/dm-integrity.c. A local user can perform a denial of service (DoS) attack.
136) Race condition within a thread (CVE-ID: CVE-2024-26861)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the decrypt_packet(), counter_validate() and wg_packet_rx_poll() functions in drivers/net/wireguard/receive.c. A local user can manipulate data.
137) Race condition within a thread (CVE-ID: CVE-2024-26862)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the packet_setsockopt() and packet_getsockopt() functions in net/packet/af_packet.c, within the dev_queue_xmit_nit() function in net/core/dev.c. A local user can manipulate data.
138) Use-after-free (CVE-ID: CVE-2024-26866)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c. A local user can escalate privileges on the system.
139) NULL pointer dereference (CVE-ID: CVE-2024-26868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ff_layout_cancel_io() function in fs/nfs/flexfilelayout/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2024-26870)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the nfs4_listxattr() function in fs/nfs/nfs4proc.c. A local user can escalate privileges on the system.
141) NULL pointer dereference (CVE-ID: CVE-2024-26878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dquot_mark_dquot_dirty(), __dquot_alloc_space(), dquot_alloc_inode(), EXPORT_SYMBOL(), dquot_claim_space_nodirty(), dquot_reclaim_space_nodirty(), __dquot_free_space(), dquot_free_inode() and __dquot_transfer() functions in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
142) NULL pointer dereference (CVE-ID: CVE-2024-26881)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hclge_ptp_get_rx_hwts() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_ptp.c. A local user can perform a denial of service (DoS) attack.
143) Use of uninitialized resource (CVE-ID: CVE-2024-26882)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to use of uninitialized resource within the ip_tunnel_rcv() function in net/ipv4/ip_tunnel.c. A local user can execute arbitrary code.
144) Buffer overflow (CVE-ID: CVE-2024-26883)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the stack_map_alloc() function in kernel/bpf/stackmap.c on a 32-bit platform. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
145) Buffer overflow (CVE-ID: CVE-2024-26884)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the htab_map_alloc() function in kernel/bpf/hashtab.c on 32-bit platforms. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
146) Buffer overflow (CVE-ID: CVE-2024-26885)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the dev_map_init_map() function in kernel/bpf/devmap.c. A local user can trigger memory corruption and execute arbitrary code with elevated privileges.
147) Use-after-free (CVE-ID: CVE-2024-26898)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tx() function in drivers/block/aoe/aoenet.c, within the aoecmd_cfg_pkts() function in drivers/block/aoe/aoecmd.c. A local user can escalate privileges on the system.
148) Improper locking (CVE-ID: CVE-2024-26899)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the DEFINE_MUTEX(), bd_link_disk_holder(), kfree() and bd_unlink_disk_holder() functions in block/holder.c. A local user can perform a denial of service (DoS) attack.
149) Memory leak (CVE-ID: CVE-2024-26900)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.
150) Information disclosure (CVE-ID: CVE-2024-26901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to information disclosure within the do_sys_name_to_handle() function in fs/fhandle.c. A local user can perform a denial of service (DoS) attack.
151) NULL pointer dereference (CVE-ID: CVE-2024-26903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rfcomm_process_rx() function in net/bluetooth/rfcomm/core.c. A local user can perform a denial of service (DoS) attack.
152) Improper error handling (CVE-ID: CVE-2024-26906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the copy_from_kernel_nofault_allowed() function in arch/x86/mm/maccess.c. A local user can perform a denial of service (DoS) attack.
153) Use-after-free (CVE-ID: CVE-2024-26909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pmic_glink_altmode_probe() function in drivers/soc/qcom/pmic_glink_altmode.c. A local user can escalate privileges on the system.
154) Integer underflow (CVE-ID: CVE-2024-26921)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the nf_ct_frag6_queue() and nf_ct_frag6_gather() functions in net/ipv6/netfilter/nf_conntrack_reasm.c, within the ip_frag_queue() and ip_defrag() functions in net/ipv4/ip_fragment.c, within the FRAG_CB(), inet_frag_queue_insert(), inet_frag_reasm_prepare(), EXPORT_SYMBOL() and inet_frag_reasm_finish() functions in net/ipv4/inet_fragment.c. A local user can execute arbitrary code.
155) Input validation error (CVE-ID: CVE-2024-26922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the amdgpu_vm_bo_insert_map(), amdgpu_vm_bo_map(), amdgpu_vm_bo_replace_map(), and amdgpu_vm_bo_clear_mappings() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c. A local user can pass specially crafted input to the driver and perform a denial of service (DoS) attack.
156) Improper locking (CVE-ID: CVE-2024-26923)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improper locking within the unix_gc() function in net/unix/garbage.c due to garbage collector does not take into account the risk of embryo getting enqueued during the garbage collection. A local user can execute arbitrary code with elevated privileges.
157) Improper locking (CVE-ID: CVE-2024-26925)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __nf_tables_abort() and nf_tables_abort() functions in net/netfilter/nf_tables_api.c. A local user can perform a denial of service (DoS) attack.
158) Use-after-free (CVE-ID: CVE-2024-26928)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_debug_files_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
159) Double free (CVE-ID: CVE-2024-26932)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to a double free error within the tcpm_port_unregister_pd() function in drivers/usb/typec/tcpm/tcpm.c. A local user can execute arbitrary code.
160) Improper locking (CVE-ID: CVE-2024-26933)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can execute arbitrary code.
161) Improper locking (CVE-ID: CVE-2024-26934)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the interface_authorized_store() function in drivers/usb/core/sysfs.c. A local user can execute arbitrary code.
162) Information disclosure (CVE-ID: CVE-2024-26935)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
163) Reachable assertion (CVE-ID: CVE-2024-26937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the gen11_emit_fini_breadcrumb_rcs() function in drivers/gpu/drm/i915/gt/intel_lrc.c, within the __engine_park() function in drivers/gpu/drm/i915/gt/intel_engine_pm.c. A local user can perform a denial of service (DoS) attack.
164) Resource management error (CVE-ID: CVE-2024-26938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the intel_bios_encoder_supports_dp_dual_mode() function in drivers/gpu/drm/i915/display/intel_bios.c. A local user can perform a denial of service (DoS) attack.
165) Resource management error (CVE-ID: CVE-2024-26940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmw_debugfs_resource_managers_init() function in drivers/gpu/drm/vmwgfx/vmwgfx_drv.c. A local user can perform a denial of service (DoS) attack.
166) NULL pointer dereference (CVE-ID: CVE-2024-26943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nouveau_dmem_evict_chunk() function in drivers/gpu/drm/nouveau/nouveau_dmem.c. A local user can perform a denial of service (DoS) attack.
167) Division by zero (CVE-ID: CVE-2024-26945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the save_iaa_wq() and remove_iaa_wq() functions in drivers/crypto/intel/iaa/iaa_crypto_main.c. A local user can perform a denial of service (DoS) attack.
168) Input validation error (CVE-ID: CVE-2024-26946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the can_probe() function in arch/x86/kernel/kprobes/core.c. A local user can perform a denial of service (DoS) attack.
169) Input validation error (CVE-ID: CVE-2024-26948)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dc_state_free() function in drivers/gpu/drm/amd/display/dc/core/dc_state.c. A local user can perform a denial of service (DoS) attack.
170) NULL pointer dereference (CVE-ID: CVE-2024-26949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the smu_v13_0_7_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_7_ppt.c, within the smu_v13_0_0_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_0_ppt.c, within the sienna_cichlid_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/sienna_cichlid_ppt.c, within the navi10_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/navi10_ppt.c, within the arcturus_get_power_limit() function in drivers/gpu/drm/amd/pm/swsmu/smu11/arcturus_ppt.c. A local user can perform a denial of service (DoS) attack.
171) NULL pointer dereference (CVE-ID: CVE-2024-26950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the get_peer() function in drivers/net/wireguard/netlink.c. A local user can perform a denial of service (DoS) attack.
172) Use-after-free (CVE-ID: CVE-2024-26951)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the wg_get_device_dump() function in drivers/net/wireguard/netlink.c. A local user can escalate privileges on the system.
173) Buffer overflow (CVE-ID: CVE-2024-26956)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nilfs_direct_lookup_contig() function in fs/nilfs2/direct.c, within the nilfs_btree_lookup_contig() function in fs/nilfs2/btree.c. A local user can perform a denial of service (DoS) attack.
174) Use-after-free (CVE-ID: CVE-2024-26957)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zcrypt_pick_queue() and zcrypt_drop_queue() functions in drivers/s390/crypto/zcrypt_api.c. A local user can escalate privileges on the system.
175) Use-after-free (CVE-ID: CVE-2024-26958)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the , within the wait_on_commit() function in fs/nfs/write.c, within the nfs_direct_commit_schedule() function in fs/nfs/direct.c. A local user can escalate privileges on the system.
176) Race condition (CVE-ID: CVE-2024-26960)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the __swap_entry_free_locked() and free_swap_and_cache() functions in mm/swapfile.c. A local user can escalate privileges on the system.
177) Use-after-free (CVE-ID: CVE-2024-26961)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mac802154_llsec_key_del_rcu() function in net/mac802154/llsec.c. A local user can escalate privileges on the system.
178) Improper locking (CVE-ID: CVE-2024-26962)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the make_stripe_request(), raid5_make_request(), raid5_start() and raid5_init() functions in drivers/md/raid5.c, within the is_suspended() and md_account_bio() functions in drivers/md/md.c, within the raid_map(), raid_message(), raid_presuspend() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
179) Resource management error (CVE-ID: CVE-2024-26963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dwc3_ti_remove_core() and dwc3_ti_remove() functions in drivers/usb/dwc3/dwc3-am62.c. A local user can perform a denial of service (DoS) attack.
180) NULL pointer dereference (CVE-ID: CVE-2024-26964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the xhci_map_temp_buffer() function in drivers/usb/host/xhci.c. A local user can perform a denial of service (DoS) attack.
181) Memory leak (CVE-ID: CVE-2024-26972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mutex_unlock() function in fs/ubifs/dir.c. A local user can perform a denial of service (DoS) attack.
182) Information disclosure (CVE-ID: CVE-2024-26973)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the fat_encode_fh_nostale() function in fs/fat/nfs.c. A local user can gain access to sensitive information.
183) NULL pointer dereference (CVE-ID: CVE-2024-26978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the max310x_i2c_slave_addr() function in drivers/tty/serial/max310x.c. A local user can perform a denial of service (DoS) attack.
184) NULL pointer dereference (CVE-ID: CVE-2024-26979)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the vmw_resource_context_res_add(), vmw_cmd_dx_define_query(), vmw_cmd_dx_view_define(), vmw_cmd_dx_so_define(), vmw_cmd_dx_define_shader() and vmw_cmd_dx_define_streamoutput() functions in drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c. A local user can perform a denial of service (DoS) attack.
185) Out-of-bounds read (CVE-ID: CVE-2024-26981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nilfs_type_by_mode[() function in fs/nilfs2/dir.c. A local user can perform a denial of service (DoS) attack.
186) Input validation error (CVE-ID: CVE-2024-26982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the squashfs_new_inode() function in fs/squashfs/inode.c. A local user can perform a denial of service (DoS) attack.
187) Use-after-free (CVE-ID: CVE-2024-26983)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the xbc_alloc_mem(), xbc_parse_tree() and xbc_init() functions in lib/bootconfig.c. A local user can escalate privileges on the system.
188) NULL pointer dereference (CVE-ID: CVE-2024-26984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nv50_instobj_acquire() function in drivers/gpu/drm/nouveau/nvkm/subdev/instmem/nv50.c. A local user can perform a denial of service (DoS) attack.
189) Memory leak (CVE-ID: CVE-2024-26986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kfd_create_process() function in drivers/gpu/drm/amd/amdkfd/kfd_process.c. A local user can perform a denial of service (DoS) attack.
190) Buffer overflow (CVE-ID: CVE-2024-26988)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the setup_command_line() function in init/main.c. A local user can escalate privileges on the system.
191) Resource management error (CVE-ID: CVE-2024-26989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kernel_page_present() function in arch/arm64/mm/pageattr.c. A local user can perform a denial of service (DoS) attack.
192) Incorrect calculation (CVE-ID: CVE-2024-26990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the kvm_tdp_mmu_try_split_huge_pages(), kvm_tdp_mmu_clear_dirty_slot() and clear_dirty_pt_masked() functions in arch/x86/kvm/mmu/tdp_mmu.c. A local user can perform a denial of service (DoS) attack.
193) Out-of-bounds read (CVE-ID: CVE-2024-26991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the kvm_arch_post_set_memory_attributes() function in arch/x86/kvm/mmu/mmu.c. A local user can perform a denial of service (DoS) attack.
194) Information disclosure (CVE-ID: CVE-2024-26992)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the vmx_get_perf_capabilities() function in arch/x86/kvm/vmx/vmx.c. A local user can gain access to sensitive information.
195) Information disclosure (CVE-ID: CVE-2024-26993)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sysfs_break_active_protection() function in fs/sysfs/file.c. A local user can gain access to sensitive information.
196) Buffer overflow (CVE-ID: CVE-2024-26994)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the get_word() function in drivers/accessibility/speakup/main.c. A local user can perform a denial of service (DoS) attack.
197) Off-by-one (CVE-ID: CVE-2024-26995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the tcpm_pd_set() function in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
198) Use-after-free (CVE-ID: CVE-2024-26996)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ncm_set_alt() and ncm_disable() functions in drivers/usb/gadget/function/f_ncm.c. A local user can escalate privileges on the system.
199) Input validation error (CVE-ID: CVE-2024-26997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the dwc2_cmpl_host_isoc_dma_desc() function in drivers/usb/dwc2/hcd_ddma.c in DDMA completion flow. A local user can perform a denial of service (DoS) attack.
200) Improper locking (CVE-ID: CVE-2024-26999)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the pmz_receive_chars() function in drivers/tty/serial/pmac_zilog.c. A local user can perform a denial of service (DoS) attack.
201) Improper locking (CVE-ID: CVE-2024-27000)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mxs_auart_set_ldisc() and mxs_auart_irq_handle() functions in drivers/tty/serial/mxs-auart.c. A local user can perform a denial of service (DoS) attack.
202) Resource management error (CVE-ID: CVE-2024-27001)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the vmk80xx_find_usb_endpoints() function in drivers/comedi/drivers/vmk80xx.c. A local user can perform a denial of service (DoS) attack.
203) Improper locking (CVE-ID: CVE-2024-27002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mtk_clk_simple_probe() and mtk_free_clk_data() functions in drivers/clk/mediatek/clk-mtk.c. A local user can perform a denial of service (DoS) attack.
204) Improper locking (CVE-ID: CVE-2024-27003)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the clk_summary_show_subtree(), clk_summary_show() and clk_dump_show() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
205) Improper locking (CVE-ID: CVE-2024-27004)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the HLIST_HEAD(), clk_pm_runtime_put(), clk_unprepare_unused_subtree(), clk_disable_unused_subtree(), __setup(), clk_disable_unused(), __clk_release() and __clk_register() functions in drivers/clk/clk.c. A local user can perform a denial of service (DoS) attack.
206) Out-of-bounds read (CVE-ID: CVE-2024-27008)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the apply_dcb_encoder_quirks() and fabricate_dcb_encoder_table() functions in drivers/gpu/drm/nouveau/nouveau_bios.c. A local user can perform a denial of service (DoS) attack.
207) Improper locking (CVE-ID: CVE-2024-27013)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the tun_put_user() function in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
208) Improper locking (CVE-ID: CVE-2024-27014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_arfs_enable(), arfs_del_rules(), arfs_handle_work() and mlx5e_rx_flow_steer() functions in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
209) Improper locking (CVE-ID: CVE-2024-27022)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to improper locking within the dup_mmap() function in kernel/fork.c. A local user can execute arbitrary code.
210) Incorrect calculation (CVE-ID: CVE-2024-27027)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the dpll_xa_ref_pin_del() and dpll_xa_ref_dpll_del() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
211) NULL pointer dereference (CVE-ID: CVE-2024-27028)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_spi_interrupt() function in drivers/spi/spi-mt65xx.c. A local user can perform a denial of service (DoS) attack.
212) Out-of-bounds read (CVE-ID: CVE-2024-27029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mmhub_v3_3_print_l2_protection_fault_status() function in drivers/gpu/drm/amd/amdgpu/mmhub_v3_3.c. A local user can perform a denial of service (DoS) attack.
213) Race condition (CVE-ID: CVE-2024-27030)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the rvu_queue_work(), rvu_mbox_intr_handler() and rvu_register_interrupts() functions in drivers/net/ethernet/marvell/octeontx2/af/rvu.c. A local user can escalate privileges on the system.
214) Improper locking (CVE-ID: CVE-2024-27031)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nfs_netfs_issue_read() function in fs/nfs/fscache.c. A local user can perform a denial of service (DoS) attack.
215) Infinite loop (CVE-ID: CVE-2024-27036)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the cifs_partialpagewrite(), cifs_extend_writeback(), cifs_write_back_from_locked_folio(), cifs_writepages_region() and cifs_writepages() functions in fs/smb/client/file.c. A local user can perform a denial of service (DoS) attack.
216) NULL pointer dereference (CVE-ID: CVE-2024-27046)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nfp_fl_lag_do_work() function in drivers/net/ethernet/netronome/nfp/flower/lag_conf.c. A local user can perform a denial of service (DoS) attack.
217) Resource management error (CVE-ID: CVE-2024-27056)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the iwl_mvm_sta_ensure_queue() function in drivers/net/wireless/intel/iwlwifi/mvm/sta.c, within the __iwl_mvm_suspend() function in drivers/net/wireless/intel/iwlwifi/mvm/d3.c. A local user can perform a denial of service (DoS) attack.
218) Resource management error (CVE-ID: CVE-2024-27057)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sof_ipc4_set_multi_pipeline_state() function in sound/soc/sof/ipc4-pcm.c. A local user can perform a denial of service (DoS) attack.
219) Race condition (CVE-ID: CVE-2024-27062)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the nvkm_object_search() and nvkm_object_remove() functions in drivers/gpu/drm/nouveau/nvkm/core/object.c, within the nvkm_client_new() function in drivers/gpu/drm/nouveau/nvkm/core/client.c. A local user can escalate privileges on the system.
220) Resource management error (CVE-ID: CVE-2024-27067)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the evtchn_free_ring(), evtchn_interrupt() and evtchn_unbind_from_user() functions in drivers/xen/evtchn.c. A local user can perform a denial of service (DoS) attack.
221) Improper locking (CVE-ID: CVE-2024-27080)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the try_release_extent_state(), flush_fiemap_cache(), emit_fiemap_extent(), fiemap_search_slot(), fiemap_process_hole(), extent_fiemap(), i_size_read() and unlock_extent() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
222) Memory leak (CVE-ID: CVE-2024-27388)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the gssx_dec_option_array() function in net/sunrpc/auth_gss/gss_rpc_xdr.c. A local user can perform a denial of service (DoS) attack.
223) Resource management error (CVE-ID: CVE-2024-27389)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the pstore_put_backend_records() function in fs/pstore/inode.c. A local user can perform a denial of service (DoS) attack.
224) Memory leak (CVE-ID: CVE-2024-27393)
The vulnerability allows a malicious guest to perform DoS attack on the target system.
The vulnerability exists due memory leak within the xennet_alloc_one_rx_buffer() function in xen-netback implementation. A malicious guest userspace process can exhaust memory resources within the guest kernel and perform a denial of service (DoS) attack.
225) Use-after-free (CVE-ID: CVE-2024-27395)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ovs_ct_limit_exit() function in net/openvswitch/conntrack.c. A local user can escalate privileges on the system.
226) Use-after-free (CVE-ID: CVE-2024-27396)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the gtp_dellink() function in drivers/net/gtp.c. A local user can escalate privileges on the system.
227) Use-after-free (CVE-ID: CVE-2024-27398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
228) NULL pointer dereference (CVE-ID: CVE-2024-27399)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
229) Resource management error (CVE-ID: CVE-2024-27400)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources in amdgpu driver. A local user can crash the OS kernel.
230) Buffer overflow (CVE-ID: CVE-2024-27401)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.
231) Buffer overflow (CVE-ID: CVE-2024-27405)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
232) Race condition (CVE-ID: CVE-2024-27408)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the dw_edma_v0_core_write_chunk() and dw_edma_v0_core_start() functions in drivers/dma/dw-edma/dw-edma-v0-core.c. A local user can escalate privileges on the system.
233) Resource management error (CVE-ID: CVE-2024-27410)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the nl80211_set_interface() function in net/wireless/nl80211.c. A local user can manipulate with the interface mesh ID and perform a denial of service (DoS) attack.
234) Buffer overflow (CVE-ID: CVE-2024-27411)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the r535_gsp_postinit() and r535_gsp_dtor() functions in drivers/gpu/drm/nouveau/nvkm/subdev/gsp/r535.c. A local user can perform a denial of service (DoS) attack.
235) Resource management error (CVE-ID: CVE-2024-27412)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bq27xxx_battery_i2c_remove() function in drivers/power/supply/bq27xxx_battery_i2c.c. A local user can perform a denial of service (DoS) attack.
236) Buffer overflow (CVE-ID: CVE-2024-27413)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the efi_capsule_open() function in drivers/firmware/efi/capsule-loader.c. A local user can escalate privileges on the system.
237) Information disclosure (CVE-ID: CVE-2024-27416)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to an error within the hci_io_capa_request_evt() function in net/bluetooth/hci_event.c when handling HCI_EV_IO_CAPA_REQUEST packets. A remote attacker on the local network can force the system to assume that the remote peer
does support SSP and potentially gain access to sensitive information.
238) Information disclosure (CVE-ID: CVE-2024-27417)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the inet6_rtm_getaddr() function in net/ipv6/addrconf.c. A local user can gain access to sensitive information.
239) Information disclosure (CVE-ID: CVE-2024-27418)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the mctp_local_output() function in net/mctp/route.c. A local user can gain access to sensitive information.
240) Use of uninitialized resource (CVE-ID: CVE-2024-27431)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the cpu_map_bpf_prog_run_xdp() function in kernel/bpf/cpumap.c. A local user can perform a denial of service (DoS) attack.
241) Resource management error (CVE-ID: CVE-2024-27432)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mtk_ppe_start() and mtk_ppe_stop() functions in drivers/net/ethernet/mediatek/mtk_ppe.c. A local user can perform a denial of service (DoS) attack.
242) Input validation error (CVE-ID: CVE-2024-27434)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iwl_mvm_get_sec_flags() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-key.c. A local user can perform a denial of service (DoS) attack.
243) Improper locking (CVE-ID: CVE-2024-27435)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_alloc_admin_tag_set() and nvme_alloc_io_tag_set() functions in drivers/nvme/host/core.c. A local user can perform a denial of service (DoS) attack.
244) Out-of-bounds write (CVE-ID: CVE-2024-27436)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to an out-of-bounds write within the convert_chmap() function in sound/usb/stream.c. A local user can execute arbitrary code.
245) Improper locking (CVE-ID: CVE-2024-35784)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the fiemap_process_hole(), extent_fiemap(), btrfs_free_path() and emit_last_fiemap_cache() functions in fs/btrfs/extent_io.c. A local user can perform a denial of service (DoS) attack.
246) Improper locking (CVE-ID: CVE-2024-35786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nouveau_gem_ioctl_pushbuf() function in drivers/gpu/drm/nouveau/nouveau_gem.c. A local user can perform a denial of service (DoS) attack.
247) Out-of-bounds read (CVE-ID: CVE-2024-35788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the dcn35_clk_mgr_helper_populate_bw_params() function in drivers/gpu/drm/amd/display/dc/clk_mgr/dcn35/dcn35_clk_mgr.c. A local user can perform a denial of service (DoS) attack.
248) Use-after-free (CVE-ID: CVE-2024-35789)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ieee80211_change_station() function in net/mac80211/cfg.c. A local user can escalate privileges on the system.
249) NULL pointer dereference (CVE-ID: CVE-2024-35790)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hpd_show(), dp_altmode_probe(), dp_altmode_remove() and module_typec_altmode_driver() functions in drivers/usb/typec/altmodes/displayport.c. A local user can perform a denial of service (DoS) attack.
250) Use-after-free (CVE-ID: CVE-2024-35791)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the svm_register_enc_region() function in arch/x86/kvm/svm/sev.c. A local user can escalate privileges on the system.
251) Improper locking (CVE-ID: CVE-2024-35794)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the md_clean() and __md_stop_writes() functions in drivers/md/md.c, within the raid_message(), raid_postsuspend(), raid_preresume() and raid_resume() functions in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
252) Improper locking (CVE-ID: CVE-2024-35795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the amdgpu_debugfs_mqd_read() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ring.c. A local user can perform a denial of service (DoS) attack.
253) NULL pointer dereference (CVE-ID: CVE-2024-35796)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the temac_probe() function in drivers/net/ethernet/xilinx/ll_temac_main.c. A local user can perform a denial of service (DoS) attack.
254) Input validation error (CVE-ID: CVE-2024-35799)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the dce110_disable_stream() function in drivers/gpu/drm/amd/display/dc/dce110/dce110_hw_sequencer.c. A local user can perform a denial of service (DoS) attack.
255) NULL pointer dereference (CVE-ID: CVE-2024-35800)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the generic_ops_supported() function in drivers/firmware/efi/efi.c. A local user can perform a denial of service (DoS) attack.
256) Input validation error (CVE-ID: CVE-2024-35801)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the fpu__init_cpu_xstate() function in arch/x86/kernel/fpu/xstate.c. A local user can perform a denial of service (DoS) attack.
257) Buffer overflow (CVE-ID: CVE-2024-35803)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the SYM_FUNC_START(), SYM_FUNC_START_LOCAL() and SYM_DATA_END() functions in arch/x86/boot/compressed/efi_mixed.S. A local user can perform a denial of service (DoS) attack.
258) Buffer overflow (CVE-ID: CVE-2024-35804)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the emulator_cmpxchg_emulated() function in arch/x86/kvm/x86.c. A local user can perform a denial of service (DoS) attack.
259) Improper locking (CVE-ID: CVE-2024-35806)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qm_congestion_task() and qman_create_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
260) Improper locking (CVE-ID: CVE-2024-35808)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the raid_message() function in drivers/md/dm-raid.c. A local user can perform a denial of service (DoS) attack.
261) Improper error handling (CVE-ID: CVE-2024-35809)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the pci_device_remove() function in drivers/pci/pci-driver.c. A local user can perform a denial of service (DoS) attack.
262) Buffer overflow (CVE-ID: CVE-2024-35810)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vmw_du_cursor_mob_size() and vmw_du_cursor_plane_cleanup_fb() functions in drivers/gpu/drm/vmwgfx/vmwgfx_kms.c. A local user can perform a denial of service (DoS) attack.
263) Use-after-free (CVE-ID: CVE-2024-35811)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the brcmf_notify_escan_complete() and brcmf_cfg80211_detach() functions in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c. A local user can escalate privileges on the system.
264) Improper error handling (CVE-ID: CVE-2024-35812)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the service_outstanding_interrupt() function in drivers/usb/class/cdc-wdm.c. A local user can perform a denial of service (DoS) attack.
265) Incorrect calculation (CVE-ID: CVE-2024-35813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __mmc_blk_ioctl_cmd() function in drivers/mmc/core/block.c. A local user can perform a denial of service (DoS) attack.
266) Resource management error (CVE-ID: CVE-2024-35814)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to double allocation of slots within the swiotlb_area_find_slots() function in kernel/dma/swiotlb.c. A local user can perform a denial of service (DoS) attack.
267) Resource management error (CVE-ID: CVE-2024-35815)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the aio_setup_ring() and kiocb_set_cancel_fn() functions in fs/aio.c. A local user can perform a denial of service (DoS) attack.
268) Resource management error (CVE-ID: CVE-2024-35817)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the amdgpu_ttm_gart_bind() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ttm.c. A local user can perform a denial of service (DoS) attack.
269) Improper locking (CVE-ID: CVE-2024-35819)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qman_create_portal(), qm_congestion_task(), qman_create_cgr(), qman_delete_cgr() and qman_update_cgr() functions in drivers/soc/fsl/qbman/qman.c. A local user can perform a denial of service (DoS) attack.
270) Improper locking (CVE-ID: CVE-2024-35821)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the write_begin_slow(), ubifs_write_begin() and ubifs_write_end() functions in fs/ubifs/file.c. A local user can perform a denial of service (DoS) attack.
271) Improper locking (CVE-ID: CVE-2024-35822)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usb_ep_queue() function in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
272) Buffer overflow (CVE-ID: CVE-2024-35823)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the vc_uniscr_delete() function in drivers/tty/vt/vt.c. A local user can perform a denial of service (DoS) attack.
273) Resource management error (CVE-ID: CVE-2024-35824)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the lis3lv02d_i2c_suspend() and lis3lv02d_i2c_resume() functions in drivers/misc/lis3lv02d/lis3lv02d_i2c.c. A local user can perform a denial of service (DoS) attack.
274) Buffer overflow (CVE-ID: CVE-2024-35825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the drivers/usb/gadget/function/f_ncm.c. A local user can perform a denial of service (DoS) attack.
275) Memory leak (CVE-ID: CVE-2024-35828)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lbs_allocate_cmd_buffer() function in drivers/net/wireless/marvell/libertas/cmd.c. A local user can perform a denial of service (DoS) attack.
276) Memory leak (CVE-ID: CVE-2024-35829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lima_heap_alloc() function in drivers/gpu/drm/lima/lima_gem.c. A local user can perform a denial of service (DoS) attack.
277) Resource management error (CVE-ID: CVE-2024-35830)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tc358743_probe() function in drivers/media/i2c/tc358743.c. A local user can perform a denial of service (DoS) attack.
278) Memory leak (CVE-ID: CVE-2024-35833)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the drivers/dma/fsl-qdma.c. A local user can perform a denial of service (DoS) attack.
279) Improper locking (CVE-ID: CVE-2024-35834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xsk_rcv_zc() function in net/xdp/xsk.c. A local user can perform a denial of service (DoS) attack.
280) Double free (CVE-ID: CVE-2024-35835)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the arfs_create_groups() function in drivers/net/ethernet/mellanox/mlx5/core/en_arfs.c. A local user can perform a denial of service (DoS) attack.
281) Use-after-free (CVE-ID: CVE-2024-35836)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dpll_msg_add_pin_freq(), dpll_pin_is_freq_supported(), dpll_cmd_pin_get_one(), dpll_pin_on_pin_state_set(), dpll_pin_state_set(), dpll_pin_prio_set(), dpll_pin_direction_set(), dpll_pin_phase_adj_set() and dpll_pin_find() functions in drivers/dpll/dpll_netlink.c, within the dpll_device_unregister(), dpll_pin_alloc(), dpll_pin_put() and dpll_pin_on_pin_register() functions in drivers/dpll/dpll_core.c. A local user can escalate privileges on the system.
282) Use of uninitialized resource (CVE-ID: CVE-2024-35837)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the mvpp2_bm_pool_cleanup() and mvpp2_bm_init() functions in drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c. A local user can perform a denial of service (DoS) attack.
283) Information disclosure (CVE-ID: CVE-2024-35838)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the sta_info_free() function in net/mac80211/sta_info.c. A local user can gain access to sensitive information.
284) Infinite loop (CVE-ID: CVE-2024-35841)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the net/tls/tls_sw.c. A local user can perform a denial of service (DoS) attack.
285) NULL pointer dereference (CVE-ID: CVE-2024-35842)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mtk_sof_dai_link_fixup() function in sound/soc/mediatek/common/mtk-dsp-sof-common.c. A local user can perform a denial of service (DoS) attack.
286) Input validation error (CVE-ID: CVE-2024-35845)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the iwl_dbg_tlv_alloc_debug_info() function in drivers/net/wireless/intel/iwlwifi/iwl-dbg-tlv.c. A local user can perform a denial of service (DoS) attack.
287) Double free (CVE-ID: CVE-2024-35847)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the its_vpe_irq_domain_alloc() function in drivers/irqchip/irq-gic-v3-its.c. A local user can perform a denial of service (DoS) attack.
288) Information disclosure (CVE-ID: CVE-2024-35849)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the init_data_container() function in fs/btrfs/backref.c. A local user can gain access to sensitive information.
289) NULL pointer dereference (CVE-ID: CVE-2024-35850)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qca_debugfs_init() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
290) NULL pointer dereference (CVE-ID: CVE-2024-35851)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qca_prevent_wake() function in drivers/bluetooth/hci_qca.c. A local user can perform a denial of service (DoS) attack.
291) Memory leak (CVE-ID: CVE-2024-35852)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mlxsw_sp_acl_tcam_vregion_destroy() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
292) Use-after-free (CVE-ID: CVE-2024-35854)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mlxsw_sp_acl_tcam_vregion_rehash() function in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can escalate privileges on the system.
293) Incorrect calculation (CVE-ID: CVE-2024-35860)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the bpf_kprobe_multi_link_fill_link_info() and bpf_uprobe_multi_link_dealloc() functions in kernel/trace/bpf_trace.c, within the bpf_link_inc() and bpf_raw_tp_link_fill_link_info() functions in kernel/bpf/syscall.c. A local user can perform a denial of service (DoS) attack.
294) Use-after-free (CVE-ID: CVE-2024-35861)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_signal_cifsd_for_reconnect() function in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
295) Use-after-free (CVE-ID: CVE-2024-35862)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_network_name_deleted() function in fs/smb/client/smb2ops.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
296) Use-after-free (CVE-ID: CVE-2024-35863)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the is_valid_oplock_break() function in fs/smb/client/misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
297) Use-after-free (CVE-ID: CVE-2024-35864)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_lease_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
298) Use-after-free (CVE-ID: CVE-2024-35865)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the smb2_is_valid_oplock_break() function in fs/smb/client/smb2misc.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
299) Use-after-free (CVE-ID: CVE-2024-35866)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_dump_full_key() function in fs/smb/client/ioctl.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
300) Use-after-free (CVE-ID: CVE-2024-35867)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_show() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
301) Use-after-free (CVE-ID: CVE-2024-35868)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_stats_proc_write() function in fs/smb/client/cifs_debug.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
302) Use-after-free (CVE-ID: CVE-2024-35869)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the tcon_info_alloc() and tconInfoFree() functions in fs/smb/client/misc.c, within the dfs_cache_remount_fs() function in fs/smb/client/dfs_cache.c, within the get_session(), __dfs_mount_share() and dfs_mount_share() functions in fs/smb/client/dfs.c, within the match_session(), cifs_get_smb_ses(), cifs_mount_put_conns() and cifs_mount() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
303) Use-after-free (CVE-ID: CVE-2024-35870)
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the cifs_mark_tcp_ses_conns_for_reconnect() and cifs_find_smb_ses() functions in fs/smb/client/connect.c. A remote non-authenticated attacker can perform a denial of service (DoS) attack.
304) Resource management error (CVE-ID: CVE-2024-35872)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/secretmem.h. A local user can perform a denial of service (DoS) attack.
305) Input validation error (CVE-ID: CVE-2024-35875)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the setup_arch() function in arch/x86/kernel/setup.c, within the cc_mkdec() function in arch/x86/coco/core.c. A local user can perform a denial of service (DoS) attack.
306) Memory leak (CVE-ID: CVE-2024-35877)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the follow_phys() function in mm/memory.c, within the is_cow_mapping(), free_pfn_range() and untrack_pfn() functions in arch/x86/mm/pat.c. A local user can perform a denial of service (DoS) attack.
307) NULL pointer dereference (CVE-ID: CVE-2024-35878)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the of_modalias() function in drivers/of/module.c. A local user can perform a denial of service (DoS) attack.
308) Memory leak (CVE-ID: CVE-2024-35879)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pr_fmt() and of_changeset_destroy() functions in drivers/of/dynamic.c. A local user can perform a denial of service (DoS) attack.
309) Memory leak (CVE-ID: CVE-2024-35883)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the pci1xxxx_spi_probe() function in drivers/spi/spi-pci1xxxx.c. A local user can perform a denial of service (DoS) attack.
310) NULL pointer dereference (CVE-ID: CVE-2024-35885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mlxbf_gige_shutdown() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.
311) Use-after-free (CVE-ID: CVE-2024-35887)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ax25_dev_device_down() function in net/ax25/ax25_dev.c. A local user can escalate privileges on the system.
312) Input validation error (CVE-ID: CVE-2024-35889)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the idpf_rx_process_skb_fields() function in drivers/net/ethernet/intel/idpf/idpf_txrx.c when handling unknown packet types. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.
313) NULL pointer dereference (CVE-ID: CVE-2024-35891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the lan8814_txtstamp(), lan8814_get_sig_rx(), lan8814_match_rx_ts(), lan8814_ptpci_adjfine(), lan8814_get_sig_tx(), lan8814_dequeue_tx_skb() and lan8814_match_skb() functions in drivers/net/phy/micrel.c. A local user can perform a denial of service (DoS) attack.
314) Improper locking (CVE-ID: CVE-2024-35895)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __sock_map_delete() and sock_hash_delete_elem() functions in net/core/sock_map.c. A local user can perform a denial of service (DoS) attack.
315) Resource management error (CVE-ID: CVE-2024-35901)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mana_get_rxbuf_cfg() function in drivers/net/ethernet/microsoft/mana/mana_en.c. A local user can perform a denial of service (DoS) attack.
316) Input validation error (CVE-ID: CVE-2024-35903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the emit_call() function in arch/x86/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
317) NULL pointer dereference (CVE-ID: CVE-2024-35904)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the init_sel_fs() function in security/selinux/selinuxfs.c. A local user can perform a denial of service (DoS) attack.
318) Out-of-bounds read (CVE-ID: CVE-2024-35905)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the check_stack_access_within_bounds() function in kernel/bpf/verifier.c. A local user can perform a denial of service (DoS) attack.
319) Out-of-bounds read (CVE-ID: CVE-2024-35907)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mlxbf_gige_open() function in drivers/net/ethernet/mellanox/mlxbf_gige/mlxbf_gige_main.c. A local user can perform a denial of service (DoS) attack.
320) Buffer overflow (CVE-ID: CVE-2024-35909)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the t7xx_pcie_mac_atr_tables_dis() and t7xx_pcie_mac_atr_cfg() functions in drivers/net/wwan/t7xx/t7xx_pcie_mac.c, within the t7xx_cldma_gpd_rx_from_q() and t7xx_cldma_txq_empty_hndl() functions in drivers/net/wwan/t7xx/t7xx_hif_cldma.c, within the t7xx_cldma_tx_addr_is_set() and t7xx_cldma_hw_set_start_addr() functions in drivers/net/wwan/t7xx/t7xx_cldma.c. A local user can escalate privileges on the system.
321) NULL pointer dereference (CVE-ID: CVE-2024-35911)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ice_vsi_rebuild() function in drivers/net/ethernet/intel/ice/ice_lib.c. A local user can perform a denial of service (DoS) attack.
322) Memory leak (CVE-ID: CVE-2024-35912)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the iwl_rfi_get_freq_table() function in drivers/net/wireless/intel/iwlwifi/mvm/rfi.c. A local user can perform a denial of service (DoS) attack.
323) Improper locking (CVE-ID: CVE-2024-35914)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lock_rename() and unlock_rename() functions in fs/nfsd/vfs.c. A local user can perform a denial of service (DoS) attack.
324) Use of uninitialized resource (CVE-ID: CVE-2024-35915)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the nci_rx_work() function in net/nfc/nci/core.c. A local user can perform a denial of service (DoS) attack.
325) NULL pointer dereference (CVE-ID: CVE-2024-35916)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sanitycheck() function in drivers/dma-buf/st-dma-fence-chain.c. A local user can perform a denial of service (DoS) attack.
326) NULL pointer dereference (CVE-ID: CVE-2024-35917)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the bpf_skip(), asm(), bpf_jit_epilogue(), bpf_int_jit_compile(), bpf_jit_supports_far_kfunc_call() and bpf_arch_text_poke() functions in arch/s390/net/bpf_jit_comp.c. A local user can perform a denial of service (DoS) attack.
327) Improper Initialization (CVE-ID: CVE-2024-35921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the vdec_hevc_slice_init() function in drivers/media/platform/mediatek/vcodec/decoder/vdec/vdec_hevc_req_multi_if.c. A local user can perform a denial of service (DoS) attack.
328) Division by zero (CVE-ID: CVE-2024-35922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a division by zero error within the fb_get_mode() and fb_videomode_from_videomode() functions in drivers/video/fbdev/core/fbmon.c. A local user can perform a denial of service (DoS) attack.
329) Buffer overflow (CVE-ID: CVE-2024-35924)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ucsi_read_message_in(), ucsi_read_error(), ucsi_send_command() and ucsi_register() functions in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
330) Use of uninitialized resource (CVE-ID: CVE-2024-35927)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the reschedule_output_poll_work() and EXPORT_SYMBOL() functions in drivers/gpu/drm/drm_probe_helper.c, within the drm_mode_config_helper_suspend() and drm_mode_config_helper_resume() functions in drivers/gpu/drm/drm_modeset_helper.c. A local user can perform a denial of service (DoS) attack.
331) Memory leak (CVE-ID: CVE-2024-35928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_device_init() and amdgpu_vf_error_trans_all() functions in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
332) Memory leak (CVE-ID: CVE-2024-35930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the lpfc_rcv_padisc() function in drivers/scsi/lpfc/lpfc_nportdisc.c. A local user can perform a denial of service (DoS) attack.
333) Improper error handling (CVE-ID: CVE-2024-35931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the amdgpu_pci_slot_reset() function in drivers/gpu/drm/amd/amdgpu/amdgpu_device.c. A local user can perform a denial of service (DoS) attack.
334) Use-after-free (CVE-ID: CVE-2024-35932)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vc4_prepare_fb() and vc4_cleanup_fb() functions in drivers/gpu/drm/vc4/vc4_plane.c. A local user can escalate privileges on the system.
335) NULL pointer dereference (CVE-ID: CVE-2024-35933)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the btintel_read_version() function in drivers/bluetooth/btintel.c. A local user can perform a denial of service (DoS) attack.
336) Improper error handling (CVE-ID: CVE-2024-35935)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the iterate_inode_ref() function in fs/btrfs/send.c. A local user can perform a denial of service (DoS) attack.
337) Improper error handling (CVE-ID: CVE-2024-35936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the mutex_unlock() function in fs/btrfs/volumes.c. A local user can perform a denial of service (DoS) attack.
338) Out-of-bounds read (CVE-ID: CVE-2024-35937)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ieee80211_amsdu_subframe_length(), ieee80211_is_valid_amsdu() and ieee80211_amsdu_to_8023s() functions in net/wireless/util.c. A local user can perform a denial of service (DoS) attack.
339) Buffer overflow (CVE-ID: CVE-2024-35938)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ARRAY_SIZE() function in drivers/net/wireless/ath/ath11k/mhi.c. A local user can perform a denial of service (DoS) attack.
340) NULL pointer dereference (CVE-ID: CVE-2024-35940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the psz_kmsg_read() function in fs/pstore/zone.c. A local user can perform a denial of service (DoS) attack.
341) NULL pointer dereference (CVE-ID: CVE-2024-35943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the omap_prm_domain_init() function in drivers/pmdomain/ti/omap_prm.c. A local user can perform a denial of service (DoS) attack.
342) Resource management error (CVE-ID: CVE-2024-35944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the dg_dispatch_as_host() function in drivers/misc/vmw_vmci/vmci_datagram.c. A local user can perform a denial of service (DoS) attack.
343) Improper error handling (CVE-ID: CVE-2024-35945)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the phy_sfp_probe(), phy_attach_direct() and phy_get_internal_delay() functions in drivers/net/phy/phy_device.c. A local user can perform a denial of service (DoS) attack.
344) NULL pointer dereference (CVE-ID: CVE-2024-35946)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rtw89_ops_bss_info_changed() and rtw89_ops_remain_on_channel() functions in drivers/net/wireless/realtek/rtw89/mac80211.c. A local user can perform a denial of service (DoS) attack.
345) Improper error handling (CVE-ID: CVE-2024-35947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.
346) Use-after-free (CVE-ID: CVE-2024-35950)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the drm_client_modeset_probe() function in drivers/gpu/drm/drm_client_modeset.c. A local user can escalate privileges on the system.
347) Improper resource shutdown or release (CVE-ID: CVE-2024-35951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to failure to properly release resources within the panfrost_mmu_map_fault_addr() and sg_free_table() functions in drivers/gpu/drm/panfrost/panfrost_mmu.c. A local user can perform a denial of service (DoS) attack.
348) Improper locking (CVE-ID: CVE-2024-35952)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ast_dp_set_on_off() function in drivers/gpu/drm/ast/ast_dp.c. A local user can perform a denial of service (DoS) attack.
349) Improper locking (CVE-ID: CVE-2024-35953)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ivpu_dev_init() function in drivers/accel/ivpu/ivpu_drv.c. A local user can perform a denial of service (DoS) attack.
350) NULL pointer dereference (CVE-ID: CVE-2024-35954)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the sg_remove_sfp_usercontext() function in drivers/scsi/sg.c. A local user can perform a denial of service (DoS) attack.
351) Use-after-free (CVE-ID: CVE-2024-35955)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the check_kprobe_address_safe() function in kernel/kprobes.c. A local user can escalate privileges on the system.
352) Information disclosure (CVE-ID: CVE-2024-35956)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the btrfs_subvolume_reserve_metadata() function in fs/btrfs/root-tree.c, within the create_subvol() and create_snapshot() functions in fs/btrfs/ioctl.c, within the btrfs_delete_subvolume() and btrfs_end_transaction() functions in fs/btrfs/inode.c. A local user can gain access to sensitive information.
353) Resource management error (CVE-ID: CVE-2024-35958)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ena_unmap_tx_buff() and ena_free_tx_bufs() functions in drivers/net/ethernet/amazon/ena/ena_netdev.c. A local user can perform a denial of service (DoS) attack.
354) Improper locking (CVE-ID: CVE-2024-35959)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5e_priv_cleanup() function in drivers/net/ethernet/mellanox/mlx5/core/en_main.c, within the mlx5e_selq_init() and mlx5e_selq_cleanup() functions in drivers/net/ethernet/mellanox/mlx5/core/en/selq.c. A local user can perform a denial of service (DoS) attack.
355) Improper Initialization (CVE-ID: CVE-2024-35960)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the add_rule_fg() function in drivers/net/ethernet/mellanox/mlx5/core/fs_core.c. A local user can perform a denial of service (DoS) attack.
356) Improper locking (CVE-ID: CVE-2024-35961)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mlx5_sf_dev_remove() function in drivers/net/ethernet/mellanox/mlx5/core/sf/dev/driver.c, within the mlx5_init_one_devl_locked(), mlx5_init_one(), mlx5_uninit_one(), mlx5_init_one_light(), mlx5_uninit_one_light(), probe_one() and remove_one() functions in drivers/net/ethernet/mellanox/mlx5/core/main.c. A local user can perform a denial of service (DoS) attack.
357) Input validation error (CVE-ID: CVE-2024-35963)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the hci_sock_setsockopt_old() and hci_sock_setsockopt() functions in net/bluetooth/hci_sock.c. A local user can perform a denial of service (DoS) attack.
358) Input validation error (CVE-ID: CVE-2024-35964)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iso_sock_setsockopt() function in net/bluetooth/iso.c. A local user can perform a denial of service (DoS) attack.
359) Input validation error (CVE-ID: CVE-2024-35965)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the l2cap_sock_setsockopt_old() and l2cap_sock_setsockopt() functions in net/bluetooth/l2cap_sock.c. A local user can perform a denial of service (DoS) attack.
360) Out-of-bounds read (CVE-ID: CVE-2024-35966)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the rfcomm_sock_setsockopt_old() and rfcomm_sock_setsockopt() functions in net/bluetooth/rfcomm/sock.c. A local user can perform a denial of service (DoS) attack.
361) Out-of-bounds read (CVE-ID: CVE-2024-35967)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sco_sock_setsockopt() function in net/bluetooth/sco.c. A local user can perform a denial of service (DoS) attack.
362) Use-after-free (CVE-ID: CVE-2024-35969)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ipv6_get_ifaddr() function in net/ipv6/addrconf.c, within the in6_ifa_hold() function in include/net/addrconf.h. A local user can escalate privileges on the system.
363) Improper locking (CVE-ID: CVE-2024-35971)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ks8851_rx_pkts() and ks8851_irq() functions in drivers/net/ethernet/micrel/ks8851_common.c. A local user can perform a denial of service (DoS) attack.
364) Memory leak (CVE-ID: CVE-2024-35972)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the bnxt_rdma_aux_device_init() function in drivers/net/ethernet/broadcom/bnxt/bnxt_ulp.c. A local user can perform a denial of service (DoS) attack.
365) Use of uninitialized resource (CVE-ID: CVE-2024-35973)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the geneve_xmit_skb() and geneve6_xmit_skb() functions in drivers/net/geneve.c. A local user can perform a denial of service (DoS) attack.
366) Buffer overflow (CVE-ID: CVE-2024-35974)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the blk_alloc_queue() function in block/blk-core.c, within the blkcg_css_online() and blkcg_init_disk() functions in block/blk-cgroup.c. A local user can perform a denial of service (DoS) attack.
367) Memory leak (CVE-ID: CVE-2024-35975)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the otx2_qos_read_txschq_cfg_tl() function in drivers/net/ethernet/marvell/octeontx2/nic/qos.c. A local user can perform a denial of service (DoS) attack.
368) NULL pointer dereference (CVE-ID: CVE-2024-35977)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the cros_ec_uart_probe() function in drivers/platform/chrome/cros_ec_uart.c. A local user can perform a denial of service (DoS) attack.
369) Memory leak (CVE-ID: CVE-2024-35978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the hci_req_sync_complete() function in net/bluetooth/hci_request.c. A local user can perform a denial of service (DoS) attack.
370) Infinite loop (CVE-ID: CVE-2024-35981)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the virtnet_get_rxfh() and virtnet_probe() functions in drivers/net/virtio_net.c. A local user can perform a denial of service (DoS) attack.
371) Infinite loop (CVE-ID: CVE-2024-35982)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the batadv_tt_local_resize_to_mtu() function in net/batman-adv/translation-table.c. A local user can perform a denial of service (DoS) attack.
372) NULL pointer dereference (CVE-ID: CVE-2024-35984)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the i2c_check_for_quirks() function in drivers/i2c/i2c-core-base.c. A local user can perform a denial of service (DoS) attack.
373) Race condition (CVE-ID: CVE-2024-35986)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a race condition within the tusb1210_get_online() and tusb1210_remove_charger_detect() functions in drivers/phy/ti/phy-tusb1210.c. A local user can perform a denial of service (DoS) attack.
374) Resource management error (CVE-ID: CVE-2024-35989)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the perf_event_cpu_offline() function in drivers/dma/idxd/perfmon.c. A local user can perform a denial of service (DoS) attack.
375) Improper locking (CVE-ID: CVE-2024-35990)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the xilinx_dpdma_chan_vsync_irq(), xilinx_dpdma_issue_pending() and xilinx_dpdma_chan_err_task() functions in drivers/dma/xilinx/xilinx_dpdma.c. A local user can perform a denial of service (DoS) attack.
376) Improper locking (CVE-ID: CVE-2024-35991)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the process_evl_entries() function in drivers/dma/idxd/irq.c, within the idxd_init_evl() function in drivers/dma/idxd/init.c, within the idxd_device_evl_setup() and idxd_device_evl_free() functions in drivers/dma/idxd/device.c, within the debugfs_evl_show() function in drivers/dma/idxd/debugfs.c, within the idxd_cdev_evl_drain_pasid() function in drivers/dma/idxd/cdev.c. A local user can perform a denial of service (DoS) attack.
377) Out-of-bounds read (CVE-ID: CVE-2024-35992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the comphy_gbe_phy_init() function in drivers/phy/marvell/phy-mvebu-a3700-comphy.c. A local user can perform a denial of service (DoS) attack.
378) Buffer overflow (CVE-ID: CVE-2024-35995)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the show_cppc_data(), acpi_cppc_processor_probe(), cpc_read() and cpc_write() functions in drivers/acpi/cppc_acpi.c. A local user can perform a denial of service (DoS) attack.
379) Infinite loop (CVE-ID: CVE-2024-35997)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the __i2c_hid_command() and i2c_hid_irq() functions in drivers/hid/i2c-hid/i2c-hid-core.c. A local user can perform a denial of service (DoS) attack.
380) Race condition within a thread (CVE-ID: CVE-2024-35999)
The vulnerability allows a local user to manipulate data.
The vulnerability exists due to a data race within the cifs_pick_channel() function in fs/smb/client/transport.c. A local user can manipulate data.
381) NULL pointer dereference (CVE-ID: CVE-2024-36002)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dpll_device_get_by_id(), dpll_pin_registration_find(), dpll_xa_ref_pin_add(), dpll_xa_ref_pin_del(), dpll_xa_ref_dpll_add(), dpll_xa_ref_dpll_del(), EXPORT_SYMBOL_GPL(), __dpll_pin_register(), dpll_pin_register(), dpll_pin_unregister(), dpll_pin_on_pin_register() and dpll_pin_on_pin_unregister() functions in drivers/dpll/dpll_core.c. A local user can perform a denial of service (DoS) attack.
382) Resource management error (CVE-ID: CVE-2024-36006)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the mlxsw_sp_acl_tcam_vchunk_migrate_one() and mlxsw_sp_acl_tcam_vchunk_migrate_all() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
383) Incorrect calculation (CVE-ID: CVE-2024-36007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the mlxsw_sp_acl_tcam_vregion_rehash_work(), mlxsw_sp_acl_tcam_rehash_ctx_vregion_changed(), mlxsw_sp_acl_tcam_vchunk_migrate_end(), mlxsw_sp_acl_tcam_vchunk_migrate_one(), mlxsw_sp_acl_tcam_vregion_migrate() and mlxsw_sp_acl_tcam_vregion_rehash_start() functions in drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c. A local user can perform a denial of service (DoS) attack.
384) Incorrect calculation (CVE-ID: CVE-2024-36009)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the net/ax25/af_ax25.c. A local user can perform a denial of service (DoS) attack.
385) NULL pointer dereference (CVE-ID: CVE-2024-36011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the hci_le_big_sync_established_evt() function in net/bluetooth/hci_event.c. A local user can perform a denial of service (DoS) attack.
386) Use-after-free (CVE-ID: CVE-2024-36012)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the msft_monitor_supported() function in net/bluetooth/msft.h, within the msft_register() function in net/bluetooth/msft.c, within the hci_unregister_dev() and hci_release_dev() functions in net/bluetooth/hci_core.c. A local user can escalate privileges on the system.
387) Use-after-free (CVE-ID: CVE-2024-36013)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the l2cap_command_rej(), l2cap_connect() and l2cap_chan_unlock() functions in net/bluetooth/l2cap_core.c. A local user can escalate privileges on the system.
388) NULL pointer dereference (CVE-ID: CVE-2024-36014)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a NULL pointer dereference error within the malidp_mw_connector_reset() function in drivers/gpu/drm/arm/malidp_mw.c. A local user can perform a denial of service (DoS) attack.
389) Unchecked Return Value (CVE-ID: CVE-2024-36015)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an unchecked return value within the register_device() function in drivers/char/ppdev.c. A local user can perform a denial of service (DoS) attack.
390) Out-of-bounds write (CVE-ID: CVE-2024-36016)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.
391) Buffer overflow (CVE-ID: CVE-2024-36018)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the op_remap() function in drivers/gpu/drm/nouveau/nouveau_uvmm.c. A local user can perform a denial of service (DoS) attack.
392) Out-of-bounds read (CVE-ID: CVE-2024-36019)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the regcache_maple_drop() function in drivers/base/regmap/regcache-maple.c. A local user can perform a denial of service (DoS) attack.
393) Use of uninitialized resource (CVE-ID: CVE-2024-36020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the i40e_reset_all_vfs() function in drivers/net/ethernet/intel/i40e/i40e_virtchnl_pf.c. A local user can perform a denial of service (DoS) attack.
394) Improper Initialization (CVE-ID: CVE-2024-36021)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper initialization within the hclge_init_ae_dev() and hclge_comm_cmd_uninit() functions in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
395) Off-by-one (CVE-ID: CVE-2024-36025)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the qla_edif_app_getstats() function in drivers/scsi/qla2xxx/qla_edif.c. A local user can perform a denial of service (DoS) attack.
396) Resource management error (CVE-ID: CVE-2024-36026)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the smu_v13_0_4_system_features_control() function in drivers/gpu/drm/amd/pm/swsmu/smu13/smu_v13_0_4_ppt.c. A local user can perform a denial of service (DoS) attack.
397) Resource management error (CVE-ID: CVE-2024-36029)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the sdhci_msm_runtime_suspend() and sdhci_msm_runtime_resume() functions in drivers/mmc/host/sdhci-msm.c. A local user can perform a denial of service (DoS) attack.
398) Double Free (CVE-ID: CVE-2024-36030)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the rvu_npc_freemem() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c. A local user can perform a denial of service (DoS) attack.
399) Input validation error (CVE-ID: CVE-2024-36032)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qca_read_fw_build_info() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
400) Input validation error (CVE-ID: CVE-2024-36880)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qca_send_pre_shutdown_cmd(), qca_tlv_check_data() and qca_download_firmware() functions in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
401) Improper error handling (CVE-ID: CVE-2024-36885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the nvkm_firmware_dtor() and nvkm_firmware_ctor() functions in drivers/gpu/drm/nouveau/nvkm/core/firmware.c. A local user can perform a denial of service (DoS) attack.
402) Resource management error (CVE-ID: CVE-2024-36890)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the include/linux/slab.h. A local user can perform a denial of service (DoS) attack.
403) NULL pointer dereference (CVE-ID: CVE-2024-36891)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mas_empty_area_rev() function in lib/maple_tree.c. A local user can perform a denial of service (DoS) attack.
404) NULL pointer dereference (CVE-ID: CVE-2024-36893)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the svdm_consume_identity(), tcpm_register_partner_altmodes(), tcpm_init_vconn(), tcpm_typec_connect(), tcpm_typec_disconnect() and tcpm_pwr_opmode_to_rp() functions in drivers/usb/typec/tcpm/tcpm.c. A local user can perform a denial of service (DoS) attack.
405) Improper locking (CVE-ID: CVE-2024-36894)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ffs_user_copy_worker() and ffs_epfile_async_io_complete() functions in drivers/usb/gadget/function/f_fs.c. A local user can perform a denial of service (DoS) attack.
406) Buffer overflow (CVE-ID: CVE-2024-36895)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the __uvcg_iter_item_entries() function in drivers/usb/gadget/function/uvc_configfs.c. A local user can escalate privileges on the system.
407) NULL pointer dereference (CVE-ID: CVE-2024-36896)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the disable_show() and disable_store() functions in drivers/usb/core/port.c. A local user can perform a denial of service (DoS) attack.
408) NULL pointer dereference (CVE-ID: CVE-2024-36897)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the construct_integrated_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.
409) Use of uninitialized resource (CVE-ID: CVE-2024-36898)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the edge_detector_update() function in drivers/gpio/gpiolib-cdev.c. A local user can perform a denial of service (DoS) attack.
410) Out-of-bounds read (CVE-ID: CVE-2024-36906)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the ENDPROC() function in arch/arm/kernel/sleep.S. A local user can perform a denial of service (DoS) attack.
411) Input validation error (CVE-ID: CVE-2024-36918)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the test_fail_cases() function in tools/testing/selftests/bpf/prog_tests/bloom_filter_map.c, within the bloom_map_get_next_key() and bloom_map_check_btf() functions in kernel/bpf/bloom_filter.c. A local user can perform a denial of service (DoS) attack.
412) Out-of-bounds read (CVE-ID: CVE-2024-36921)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the iwl_mvm_mld_rm_sta() function in drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c. A local user can perform a denial of service (DoS) attack.
413) Improper locking (CVE-ID: CVE-2024-36922)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the iwl_txq_reclaim() function in drivers/net/wireless/intel/iwlwifi/queue/tx.c. A local user can perform a denial of service (DoS) attack.
414) Resource management error (CVE-ID: CVE-2024-36928)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the qeth_free_cq(), qeth_alloc_qdio_queues(), atomic_set(), qeth_free_qdio_queues() and qeth_qdio_poll() functions in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.
415) NULL pointer dereference (CVE-ID: CVE-2024-36930)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __spi_sync() function in drivers/spi/spi.c. A local user can perform a denial of service (DoS) attack.
416) Out-of-bounds read (CVE-ID: CVE-2024-36931)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the crw_inject_write() function in drivers/s390/cio/cio_inject.c. A local user can perform a denial of service (DoS) attack.
417) Improper locking (CVE-ID: CVE-2024-36936)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the list_del() function in drivers/firmware/efi/unaccepted_memory.c. A local user can perform a denial of service (DoS) attack.
418) Double Free (CVE-ID: CVE-2024-36940)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.
419) NULL pointer dereference (CVE-ID: CVE-2024-36941)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.
420) Memory leak (CVE-ID: CVE-2024-36942)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the qca_download_firmware() function in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.
421) Improper locking (CVE-ID: CVE-2024-36944)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.
422) Memory leak (CVE-ID: CVE-2024-36947)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.
423) Improper locking (CVE-ID: CVE-2024-36949)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the kgd2kfd_suspend() and kgd2kfd_resume() functions in drivers/gpu/drm/amd/amdkfd/kfd_device.c. A local user can perform a denial of service (DoS) attack.
424) Improper error handling (CVE-ID: CVE-2024-36950)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.
425) Input validation error (CVE-ID: CVE-2024-36951)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the event_interrupt_wq_v9() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v9.c, within the event_interrupt_wq_v11() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v11.c, within the event_interrupt_wq_v10() function in drivers/gpu/drm/amd/amdkfd/kfd_int_process_v10.c. A local user can perform a denial of service (DoS) attack.
426) Memory leak (CVE-ID: CVE-2024-36955)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.
427) Information disclosure (CVE-ID: CVE-2024-36959)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.
Remediation
Install update from vendor's website.